Friday, March 20, 2009

AntiSpyware Pro 2009 Spyware Threat - Rogueware - AntiSpyware Pro 2009

"AntiSpyware Pro 2009" is a new rogue antispyware application which display false
alerts about suspicious files detected and prompt the user to purchase the application.

This application has been reported by Lavasoft and CA earlier in March.
Files, folders and registry removal information can be found on the Sunbelt website.

AntiSpyware Pro 2009 removal information
AntiSpyware Pro 2009 by Lavasoft

Site screenshot:

A fake scanner page is also on the sites:

Fake Admess.Trojan messages:

Title: My computer Online Scan
Fake virus


 Site URLs: 
 File info:AntiSpywarePro_Installer_eng.exe 
 File size328453 bytes 
 First received03.20.2009 16:10:29 (CET) 
 Results 3/39 (7.67%) 
 SunbeltMalware ID 8007865 

Application screenshot:
 AntiSpyware Pro 2009
AntiSpyware Pro 2009 REMOVAL

- Kill processes: AntiSpyware Pro.exe, Uninstall.exe

- Delete registry keys and values:

  • [HKEY_CURRENT_USER\Software\AntiSpyware Pro]
  • [HKEY_CLASSES_ROOT\CLSID\{66B643BE-5E94-4569-B93E-CE2636848AC8}]
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Explorer\Browser Helper Objects\{66B643BE-5E94-4569-B93E-CE2636848AC8}]
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Uninstall\AntiSpyware Pro]
  • [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    AntiSpyware Pro
- Delete files and folders:
  • ► %ProgramFiles%\AntiSpyware Pro
Additional information to remove AntiSpyware Pro 2009
can be found on the Sunbelt website

Site associated with AntiSpyware Pro 2009

domain sharing ip: